configuring a pix 506

[mandel]

I have a pix 506 configured on a simple test network :
The inside interface is connected to a pc (205.153.12.182)
the outisde interface is connected to a cisco 678 dsl router (205.153.13.21)
the inside interface is 205.153.12.20
the outside interface is 205.153.13.20
the pc default gateway is set to 205.153.12.20

I can ping the router from the pc but not the pc from the router.
I can ping router or pc from inside the interface.
I cannot telnet to the router from the pc
I am not using nat

bellow is part of the configuration of the pix

ip address outside 205.153.13.20 255.255.255.0
ip address inside 205.153.12.20 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
arp timeout 14400
nat (inside) 0 205.153.12.0 255.255.255.0 0 0
static (inside,outside) 205.153.12.0 205.153.12.0 netmask 255.255.255.0 0 0
conduit permit icmp any any
rip inside default version 1
route outside 0.0.0.0 0.0.0.0 205.153.13.21 1

Once I can figure out how to make it work the intent is to use the pix between the internet (dsl router 678) and the inside network.
Can someone help me do that ?

Sam Mandel

 

[Guest_imported]

static (inside,outside) 205.153.12.0 205.153.12.0 netmask 255.255.255.0 0 0

This should be like this, I think:

static (inside,outside) 205.153.13.0 205.153.12.0 netmask 255.255.255.0 0 0

 

[mandel]

would the static command as you describe (13 network) to (12) network open a "hole" on the security since the 13 is outside ,secutity 0 and the 12 inside security 100?

sdm

 

[Guest_imported]

Yes, connecting any static route or conduit will open a potential gateway to your internal network.....